Though these results may vary across organizations, applying the M365 Secure Configuration Baselines is not only essential in this cyber threat environment, but it is a relatively low level of effort for most cyber teams. In terms of job responsibilities, you will be able to implement and manage security controls ensuring proper access management, network security, and data protection. You would have gained the skills to monitor security events, investigate incidents, and respond promptly to mitigate potential risks or breaches.
These final Baselines have been refined and improved through extensive engagement with partners and from experiences gained from on-the-ground implementation efforts with agencies. In October 2022, CISA released the draft M365 Secure Configuration Baselines for public comment and received hundreds of responses from public and private sector partners. In parallel, we conducted a dozen pilot projects at federal agencies to target the adoption of advanced cloud security practices while testing our guidance and recommended configurations in practice. These pilots demonstrated not only how critical these configuration baselines are to enhancing cybersecurity, but also how valuable it is to have comprehensive guidance to drive cross-organizational adoption in line with enterprise risk management. Our pilot effort also reinforced how simple the ScubaGear tool is to use, and provided insight into agency resource needs for full adoption. All participating agency teams were able to adopt a higher security baseline for their M365 email and cloud environments with existing resources- expertise they already had available.
Identity Protection and Governance
Each course has a scenario-based project, enabling you to practice skills in a realistic setting. These projects allow you to deepen your skills in protecting identity, access, data, applications, and networks in cloud and hybrid environments. Microsoft Azure security engineers are in high demand due to the increasing adoption of Microsoft Azure as a cloud computing platform. Employers require skilled professionals to ensure the secure configuration and protection of Azure resources and data, as well as to detect and respond to security incidents in Azure environments. We appreciate the contributions of all those who supported this effort over the past year.
A special thanks to the M365 team at Microsoft for the close collaboration throughout this effort. No prior knowledge is required to enroll in this program, however, having a familiarity with Azure technologies and a solid understanding of computer networking and hybrid environments is highly recommended. When you complete this professional certificate, you will have skills that enable you to confidently attempt the AZ-500 Microsoft Azure Security Technologies exam. Based on agency feedback, expert insight, Microsoft product updates, and extensive collaboration from Microsoft and other partners, Version 1.0 of the M365 Secure Configuration Baselines incorporates over 100 modifications to the initial draft.
Do I need to take the courses in a specific order?
This program caters to IT students and professionals experienced in Microsoft Azure to gain in-demand skills for Azure security engineer jobs. Our goal at Microsoft is to empower every individual and organization on the planet to achieve more. In this next revolution of digital transformation, growth is being driven by technology.
- No prior knowledge is required to enroll in this program, however, having a familiarity with Azure technologies and a solid understanding of computer networking and hybrid environments is highly recommended.
- In this next revolution of digital transformation, growth is being driven by technology.
- We appreciate the contributions of all those who supported this effort over the past year.
- While the final M365 baselines differ from the draft in meaningful ways, a few key improvements are of note.
- This tool decreases the effort required for agencies (or any organization) to assess their tenant configurations by producing a detailed as-is report to serve as a starting point.
We address the real-world needs of customers by seamlessly integrating Microsoft 365, Dynamics 365, LinkedIn, GitHub, Microsoft Power Platform, and Azure to unlock business value for every organization—from large enterprises to family-run businesses. When you complete this program, you will have a range of simulated project implementations to use as work samples during interviews. Learners who pass all 7 courses will receive a voucher for 50% off the AZ-500 certificate exam. Learners who complete this program will receive 50% off of the AZ-500 Microsoft Certification Exam. This course is completely online, so there’s no need to show up to a classroom in person.
What will I be able to do upon completing this professional certificate?
In addition, the skills gained will help you identify vulnerabilities and gaps in an organization’s Azure infrastructure and provide recommendations to enhance the security posture. You will be able to conduct risk assessments and ensure compliance within Azure environments. In support of our pilot efforts, CISA also microsoft azure security released our assessment tool, ScubaGear, to help organizations rapidly assess their M365 services against CISA’s recommended policies. This tool decreases the effort required for agencies (or any organization) to assess their tenant configurations by producing a detailed as-is report to serve as a starting point.
We’ve also made close to 50 enhancements to the ScubaGear tool as well to improve user experience and reliability. While the final M365 baselines differ from the draft in meaningful ways, a few key improvements are of note. Azure security engineers are responsible for implementing, managing, and overseeing security measures across Azure, multi-cloud, and hybrid environments to safeguard the entire infrastructure. Having familiarity with Azure technologies and a solid understanding of computer networking and hybrid environments is highly recommended. Today, we are pleased to announce the release of Version 1.0 of CISA’s Secure Configuration Baselines for Microsoft 365 (M365) along with our ScubaGear tool. These baselines provide easily adoptable policy configuration recommendations that complement each agency’s unique requirements and risk tolerance levels.